Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39: FEDORA-2024-e60359f212 high severity: Chromium security fixes

fedora
Calendar Grey September 27, 2024
Dist Fedora Esm H88
Fedora 39 has released critical security updates for Chromium, fixing significant vulnerabilities like use-after-free, buffer overflow, and XSS issues.
Update to 129.0.6668.70 * High CVE-2024-9120: Use after free in Dawn * High CVE-2024-9121: Inappropriate implementation in V8 * High CVE-2024-9122: Type Confusion in V8 * High ...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 129.0.6668.70 * High CVE-2024-9120: Use after free in Dawn * High CVE-2024-9121: Inappropriate implementation in V8 * High CVE-2024-9122: Type Confusion in V8 * High CVE-2024-9123: Integer overflow in Skia

Topics%20covered

Topics Covered

security advisory high severity Fedora update information Chromium

Change Log

* Wed Sep 25 2024 Than Ngo - 129.0.6668.70-1 - update to 129.0.6668.70 * High CVE-2024-9120: Use after free in Dawn * High CVE-2024-9121: Inappropriate implementation in V8 * High CVE-2024-9122: Type Confusion in V8 * High CVE-2024-9123: Integer overflow in Skia * Thu Sep 19 2024 Than Ngo - 129.0.6668.58-2 - clean up

References


[ 1 ] Bug #2314362 - CVE-2024-7024 chromium: V8 Sandbox Bypass: wasm function signature confusion leading to out of sandbox arbitrary read/write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314362 [ 2 ] Bug #2314363 - CVE-2024-7024 chromium: V8 Sandbox Bypass: wasm function signature confusion leading to out of sandbox arbitrary read/write [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314363 [ 3 ] Bug #2314365 - CVE-2024-7022 chromium: out of bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314365 [ 4 ] Bug #2314366 - CVE-2024-7022 chromium: out of bounds memory access [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314366 [ 5 ] Bug #2314367 - CVE-2024-7020 chromium: Inappropriate implementation in Autofill in Google Chrome [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314367 [ 6 ] Bug #2314368 - CVE-2024-7020 chromium: Inappropriate implementation in ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-e60359f212' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: chromium
Product: Fedora 39
Version: 129.0.6668.70
Release: 1.fc39
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory high severity Fedora update information Chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here